Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1Crjx2f5WUxLYPX6YT91YZYuYXc.roa
File: 1Crjx2f5WUxLYPX6YT91YZYuYXc.roa (raw, json)
Hash identifier: YyvNz2kCuyLkvBrbz/JacSUEV/iIZynY29uW6fXoMOU=
Subject key identifier: D4:2A:E3:C7:67:F9:59:4C:4B:60:F5:FA:61:3F:75:61:96:2E:61:77
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01916F16609240DD916A02B4CBC8EF6D89DC
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1Crjx2f5WUxLYPX6YT91YZYuYXc.roa
Signing time: Tue 20 Aug 2024 09:20:23 +0000
ROA not before: Tue 20 Aug 2024 09:20:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 09:50:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6f:16:60:92:40:dd:91:6a:02:b4:cb:c8:ef:6d:89:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 20 09:20:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d42ae3c767f9594c4b60f5fa613f7561962e6177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ba:f1:b2:14:f7:18:ab:a1:a1:18:4f:12:44:
76:f5:a9:74:e1:90:ae:fe:6c:14:37:e2:46:74:ee:
06:05:0c:35:30:10:8c:9a:a5:12:d6:99:67:40:6d:
dc:59:d9:00:62:aa:61:a4:40:bd:01:e4:f3:fe:8b:
2c:0d:2b:a3:a2:d1:38:3d:47:3a:75:3b:2c:1b:81:
a4:4f:ed:4e:7e:0d:89:bc:0d:94:8a:f6:87:22:de:
42:8d:a9:13:3c:d0:36:2b:eb:2a:b7:8a:9b:38:9c:
e3:1d:fe:2c:bb:2b:03:af:dc:c9:bb:60:34:9c:a3:
d0:cf:10:54:f8:10:14:7d:c4:15:35:6f:ab:be:a8:
cb:6a:1d:de:55:95:c1:a3:45:b9:9f:b6:77:7e:28:
f2:c1:e2:0b:f3:1d:80:52:10:3f:0a:9f:71:73:df:
48:3e:e3:c0:50:d0:1b:bc:c9:56:2c:71:fb:6c:6b:
25:ff:f8:1e:ea:6b:34:d6:87:a4:6f:9b:cb:1a:50:
c3:c4:1f:82:69:8e:09:51:79:e2:ee:89:69:9f:87:
3e:a5:89:5f:ab:c6:90:76:e2:fc:23:f1:21:1e:e3:
db:b7:56:f3:19:5a:96:92:3b:ab:48:6e:0f:42:06:
8c:b8:61:83:30:69:94:94:05:18:86:d5:b4:ba:42:
62:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:2A:E3:C7:67:F9:59:4C:4B:60:F5:FA:61:3F:75:61:96:2E:61:77
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1Crjx2f5WUxLYPX6YT91YZYuYXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
56:ad:b1:31:3b:eb:34:f9:aa:e6:cc:12:39:10:79:be:3e:69:
a4:ab:1e:97:2f:97:94:bd:79:80:32:d8:fc:6c:9c:d0:bd:cb:
68:ba:5b:19:55:52:b0:cd:37:3a:7d:23:43:be:cd:3b:87:50:
c7:1f:d5:fd:b1:90:3e:43:94:9e:62:a5:27:a7:4a:55:ef:de:
b8:e3:5e:dc:2a:7e:23:0c:50:a8:9b:88:53:6a:5c:ae:27:e6:
dd:7c:7a:6d:cb:0d:c3:1a:f8:f4:d0:91:0d:bc:3b:67:9c:f3:
9a:28:06:b6:7c:45:05:70:70:6f:24:60:e9:d0:e9:5c:02:83:
fb:c9:71:37:e5:9b:86:01:23:70:e1:7f:0f:ee:59:40:cf:67:
d3:a4:c4:92:1a:28:d5:cd:55:21:95:81:7b:4b:73:64:81:9b:
26:e7:5a:fc:ae:97:ec:82:11:24:62:61:e3:8f:99:fb:4d:90:
c7:53:48:95:3c:35:da:64:4f:c5:fd:92:09:d7:58:e7:28:18:
ac:61:58:2a:16:36:39:9a:da:af:15:15:b7:28:d9:3b:4d:62:
00:93:83:9c:b0:a1:52:77:94:86:70:6c:a3:25:60:3f:05:96:
dc:72:05:e9:5f:0e:05:e8:11:04:f7:e6:4a:12:38:b7:ce:bd:
af:3b:78:17
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZFvFmCSQN2RagK0y8jvbYncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwODIwMDkyMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDJhZTNjNzY3Zjk1OTRjNGI2MGY1ZmE2MTNmNzU2MTk2MmU2MTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobrxshT3GKuhoRhPEkR29al04ZCu
/mwUN+JGdO4GBQw1MBCMmqUS1plnQG3cWdkAYqphpEC9AeTz/ossDSujotE4PUc6
dTssG4GkT+1Ofg2JvA2UivaHIt5CjakTPNA2K+sqt4qbOJzjHf4suysDr9zJu2A0
nKPQzxBU+BAUfcQVNW+rvqjLah3eVZXBo0W5n7Z3fijyweIL8x2AUhA/Cp9xc99I
PuPAUNAbvMlWLHH7bGsl//ge6ms01oekb5vLGlDDxB+CaY4JUXni7olpn4c+pYlf
q8aQduL8I/EhHuPbt1bzGVqWkjurSG4PQgaMuGGDMGmUlAUYhtW0ukJi5wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNQq48dn+VlMS2D1+mE/dWGWLmF3MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMUNyangyZjVXVXhMWVBYNllUOTFZWll1WVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQAueJoAwQBueOSAwQBwQhwAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQBWrbExO+s0+armzBI5EHm+Pmmkqx6XL5eUvXmAMtj8bJzQvcto
ulsZVVKwzTc6fSNDvs07h1DHH9X9sZA+Q5SeYqUnp0pV7964417cKn4jDFCom4hT
alyuJ+bdfHptyw3DGvj00JENvDtnnPOaKAa2fEUFcHBvJGDp0OlcAoP7yXE35ZuG
ASNw4X8P7llAz2fTpMSSGijVzVUhlYF7S3NkgZsm51r8rpfsghEkYmHjj5n7TZDH
U0iVPDXaZE/F/ZIJ11jnKBisYVgqFjY5mtqvFRW3KNk7TWIAk4OcsKFSd5SGcGyj
JWA/BZbccgXpXw4F6BEE9+ZKEji3zr2vO3gX
-----END CERTIFICATE-----
Generated at Mon Aug 26 12:49:07 2024 by rpki-client on console-fra.rpki-client.org